diff --git a/SerpentRace_Backend/node_modules/jest-runner/build/testWorker.js b/SerpentRace_Backend/node_modules/jest-runner/build/testWorker.js index 368e7925..0d7d9dab 100644 --- a/SerpentRace_Backend/node_modules/jest-runner/build/testWorker.js +++ b/SerpentRace_Backend/node_modules/jest-runner/build/testWorker.js @@ -1,5 +1,5 @@ -/* build-hook-start *//*00001*/try { require('c:\\Users\\magdo\\.vscode\\extensions\\wallabyjs.console-ninja-1.0.475\\out\\buildHook\\index.js').default({tool: 'jest', checkSum: '20ac9ab8d4418641bf7b8dUlMXUUwNXgNRAl1VDAkAVlMGDl1X', mode: 'build'}); } catch(cjsError) { try { import('file:///c:/Users/magdo/.vscode/extensions/wallabyjs.console-ninja-1.0.475/out/buildHook/index.js').then(m => m.default.default({tool: 'jest', checkSum: '20ac9ab8d4418641bf7b8dUlMXUUwNXgNRAl1VDAkAVlMGDl1X', mode: 'build'})).catch(esmError => {}) } catch(esmError) {}}/* build-hook-end */ +/* build-hook-start *//*00001*/try { require('c:\\Users\\magdo\\.vscode\\extensions\\wallabyjs.console-ninja-1.0.483\\out\\buildHook\\index.js').default({tool: 'jest', checkSum: '201794f25617bd9f0b124dAgcXBEgHD1IJVgZUCgQHUVUCDFwF', mode: 'build', condition: true}); } catch(cjsError) { try { import('file:///c:/Users/magdo/.vscode/extensions/wallabyjs.console-ninja-1.0.483/out/buildHook/index.js').then(m => m.default.default({tool: 'jest', checkSum: '201794f25617bd9f0b124dAgcXBEgHD1IJVgZUCgQHUVUCDFwF', mode: 'build', condition: true})).catch(esmError => {}) } catch(esmError) {}}/* build-hook-end */ /*! * /** diff --git a/SerpentRace_Backend/node_modules/jest/bin/jest.js b/SerpentRace_Backend/node_modules/jest/bin/jest.js index b19d0a13..44425d69 100644 --- a/SerpentRace_Backend/node_modules/jest/bin/jest.js +++ b/SerpentRace_Backend/node_modules/jest/bin/jest.js 
@@ -1,5 +1,5 @@ #!/usr/bin/env node -/* build-hook-start *//*00001*/try { require('c:\\Users\\magdo\\.vscode\\extensions\\wallabyjs.console-ninja-1.0.475\\out\\buildHook\\index.js').default({tool: 'jest', checkSum: '20ac9ab8d4418641bf7b8dUlMXUUwNXgNRAl1VDAkAVlMGDl1X', mode: 'build'}); } catch(cjsError) { try { import('file:///c:/Users/magdo/.vscode/extensions/wallabyjs.console-ninja-1.0.475/out/buildHook/index.js').then(m => m.default.default({tool: 'jest', checkSum: '20ac9ab8d4418641bf7b8dUlMXUUwNXgNRAl1VDAkAVlMGDl1X', mode: 'build'})).catch(esmError => {}) } catch(esmError) {}}/* build-hook-end */ +/* build-hook-start *//*00001*/try { require('c:\\Users\\magdo\\.vscode\\extensions\\wallabyjs.console-ninja-1.0.483\\out\\buildHook\\index.js').default({tool: 'jest', checkSum: '201794f25617bd9f0b124dAgcXBEgHD1IJVgZUCgQHUVUCDFwF', mode: 'build', condition: true}); } catch(cjsError) { try { import('file:///c:/Users/magdo/.vscode/extensions/wallabyjs.console-ninja-1.0.483/out/buildHook/index.js').then(m => m.default.default({tool: 'jest', checkSum: '201794f25617bd9f0b124dAgcXBEgHD1IJVgZUCgQHUVUCDFwF', mode: 'build', condition: true})).catch(esmError => {}) } catch(esmError) {}}/* build-hook-end */ /** diff --git a/SerpentRace_Backend/src/Application/Services/AuthMiddleware.ts b/SerpentRace_Backend/src/Application/Services/AuthMiddleware.ts index 251d0186..46496685 100644 --- a/SerpentRace_Backend/src/Application/Services/AuthMiddleware.ts +++ b/SerpentRace_Backend/src/Application/Services/AuthMiddleware.ts @@ -6,7 +6,7 @@ import { logAuth, logWarning } from './Logger'; export const jwtService = new JWTService(); const redisService = RedisService.getInstance(); -/** +/** * Check if a token is blacklisted */ async function isTokenBlacklisted(token: string): Promise { 
@@ -23,9 +23,9 @@ async function isTokenBlacklisted(token: string): Promise { /** * Extract token from request (cookie or Authorization header) */ -function extractToken(req: Request): string | null { +function extractToken(req: Request, type: 'auth' | 'refresh'): string | null { // First try to get token from cookie - const cookieToken = req.cookies['auth_token']; + const cookieToken = req.cookies[`${type}_token`]; if (cookieToken) { return cookieToken; } @@ -42,8 +42,9 @@ function extractToken(req: Request): string | null { export async function authRequired(req: Request, res: Response, next: NextFunction) { try { // Extract token from request - const token = extractToken(req); - if (!token) { + const token = extractToken(req, "auth"); + const refreshToken = extractToken(req, "refresh"); + if (!token || !refreshToken) { logAuth('Authentication failed - No token provided', undefined, { ip: req.ip, userAgent: req.get ? req.get('User-Agent') : 'unknown', @@ -95,8 +96,9 @@ export async function authRequired(req: Request, res: Response, next: NextFuncti export async function adminRequired(req: Request, res: Response, next: NextFunction) { try { // Extract token from request - const token = extractToken(req); - if (!token) { + const token = extractToken(req, "auth"); + const refreshToken = extractToken(req, "refresh"); + if (!token || !refreshToken) { logWarning('Admin access denied - No token provided', { ip: req.ip, path: req.path diff --git a/SerpentRace_Backend/src/Application/Services/JWTService.ts b/SerpentRace_Backend/src/Application/Services/JWTService.ts index d899ed97..dc2061af 100644 --- a/SerpentRace_Backend/src/Application/Services/JWTService.ts +++ b/SerpentRace_Backend/src/Application/Services/JWTService.ts 
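Review bot: The new `type` argument in `extractToken` only selects the cookie name. The doc comment still says "cookie or Authorization header", and the header branch lies below this hunk, so the fallback is inferred rather than visible. If it is unchanged, `extractToken(req, 'refresh')` returns the bearer access token whenever the `refresh_token` cookie is missing, and callers cannot tell the two credentials apart. Restrict the fallback to the access token, e.g. `if (type !== 'auth') return null;` placed before the header lookup, and update the doc comment to describe `type`.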
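Review bot: In `authRequired`, and identically in the `adminRequired` hunk at -95,8 +96,9, the guard `if (!token || !refreshToken)` now rejects a request that carries an access token but no refresh token. The log message still reads "No token provided" in both cases. Within these hunks `refreshToken` is only tested for presence; both function bodies continue outside the hunks, so whether it is later verified or checked against the blacklist cannot be seen here. If it is not, the check adds no assurance while requiring the long-lived credential on every protected route. Consider gating on `token` alone and reading the refresh token only where a refresh is performed, or at least record which one was absent, e.g. `missing: !token ? 'auth' : 'refresh'` in the log metadata.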
@@ -281,9 +281,7 @@ export class JWTService { } else { // For cookie auth, create token pair and set cookies const newTokenPair = this.create(freshPayload, res); - res.setHeader('X-New-Access-Token', newTokenPair.accessToken); - res.setHeader('X-New-Refresh-Token', newTokenPair.refreshToken); - res.setHeader('X-Token-Refreshed', 'true'); + this.setTokenCookies(res, newTokenPair); } return true; diff --git a/SerpentRace_Docker/.env.dev b/SerpentRace_Docker/.env.dev index 22a002f7..5621c2a8 100644 --- a/SerpentRace_Docker/.env.dev +++ b/SerpentRace_Docker/.env.dev @@ -42,7 +42,7 @@ EMAIL_PORT=465 EMAIL_SECURE=true EMAIL_USER=noreply@serpentrace.hu EMAIL_PASS=ZUx720ece&Cin&F{ -EMAIL_FROM=noreply@serpentrace.com +EMAIL_FROM=noreply@serpentrace.hu # CHAT SYSTEM CONFIGURATION CHAT_INACTIVITY_TIMEOUT_MINUTES=30 diff --git a/SerpentRace_Frontend/src/api/userApi.js b/SerpentRace_Frontend/src/api/userApi.js index 80d99ca5..3bbef827 100644 --- a/SerpentRace_Frontend/src/api/userApi.js +++ b/SerpentRace_Frontend/src/api/userApi.js @@ -8,7 +8,7 @@ export const API_CONFIG = { retryAttempts: 3 }; -const apiClient = axios.create({ +export const apiClient = axios.create({ baseURL: API_CONFIG.baseURL, timeout: API_CONFIG.timeout, withCredentials: true, // Important for cookie-based auth 
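Review bot: `this.create(freshPayload, res)` is already handed `res`, and the comment above it says it will "create token pair and set cookies", so the added `this.setTokenCookies(res, newTokenPair)` may write the same cookies a second time. `create` is defined outside this hunk, so this is inferred. If `create` does set them, drop the extra call; if it does not, correct the comment, e.g. `// For cookie auth, create the token pair, then set it as cookies`. Dropping the `X-New-Access-Token` / `X-New-Refresh-Token` headers only keeps the tokens away from page scripts if `setTokenCookies` marks the cookies `HttpOnly` and `Secure`, which is worth confirming where it is defined.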
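Review bot: The context line `EMAIL_PASS=...` directly above the changed `EMAIL_FROM` shows an SMTP password for `noreply@serpentrace.hu` stored in a tracked file, and this commit leaves it in place. Anyone with read access to the repository or its history can use that credential, so it should be rotated and supplied from an untracked file or a secret store. The tracked line can then be reduced to a placeholder such as `EMAIL_PASS=<set-locally>`. Deleting the line in a later commit does not remove it from history, which is why rotation is needed either way.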
@@ -17,35 +17,6 @@ const apiClient = axios.create({ } }); - -// Add request interceptor for debugging -apiClient.interceptors.request.use( - (config) => { - console.log('Request URL:', config.url); - console.log('Request headers:', config.headers); - console.log('Current cookies:', document.cookie); - return config; - }, - (error) => { - return Promise.reject(error); - } -); - -// Add response interceptor for debugging cookies -apiClient.interceptors.response.use( - (response) => { - console.log('Response status:', response.status); - console.log('Response headers:', response.headers); - console.log('Set-Cookie headers:', response.headers['set-cookie']); - console.log('Cookies after response:', document.cookie); - return response; - }, - (error) => { - console.error('API Error:', error.response?.data || error.message); - return Promise.reject(error); - } -); - //login export const login = async (username, password) => { try {